WyAtu - Security Researcher - Exploit Intelligence Platform

CVE-2018-20250 NOMISEC HIGH WORKING POC

WinRAR <5.61 - Path Traversal

In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.

495 stars

CVSS 7.8

View Code

CVE-2018-8581 NOMISEC HIGH WORKING POC

Microsoft Exchange Server - Privilege Escalation

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

332 stars

CVSS 7.4

View Code

CVE-2018-4407 NOMISEC HIGH WORKING POC

Apple Iphone OS < 12.0 - Memory Corruption

A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

13 stars

CVSS 8.8

View Code

CVE-2018-8581 NOMISEC HIGH WORKING POC

Microsoft Exchange Server - Privilege Escalation

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

5 stars

CVSS 7.4

View Code

CVE-2018-20250 NOMISEC HIGH WORKING POC

WinRAR <5.61 - Path Traversal

In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.

CVSS 7.8

View Code

CVE-2021-42321 PATCHAPALOOZA HIGH WORKING POC

Microsoft Exchange Server - Remote Code Execution

Microsoft Exchange Server Remote Code Execution Vulnerability

CVSS 8.8

View Code

CVE-2018-8581 PATCHAPALOOZA HIGH WORKING POC

Microsoft Exchange Server - Privilege Escalation

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

CVSS 7.4

View Code

CVE-2018-20250 EXPLOITDB HIGH python WORKING POC

WinRAR <5.61 - Path Traversal

In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.

CVSS 7.8

View Code